08d465423efc43b674308b6c4d50d7bd72e0a57e468287214243c3226ff7c162 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d0ed37cfb9b28c9641b6644f80b1b635_JaffaCakes118
Size

17KB
Sample

240907-ddtpwa1err
MD5

d0ed37cfb9b28c9641b6644f80b1b635
SHA1

029c2b50b35c90fd7aed0041a7899f4584f908c1
SHA256

08d465423efc43b674308b6c4d50d7bd72e0a57e468287214243c3226ff7c162
SHA512

ae78816566681f8adf8a2621a11adacfe17be196c09d445fa96a8ece3c99f39f336c998ecf0ce592c7a17b3ce8173a1976a55ff249688a4eab240c32f001422d
SSDEEP

384:4F9Gdrx6bTZWMP+afeHs7swcpPaLm3aZLbUx:s00xWF8sB9D

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  d0ed37cfb9b28c9641b6644f80b1b635_JaffaCakes118
- Size
  
  17KB
- MD5
  
  d0ed37cfb9b28c9641b6644f80b1b635
- SHA1
  
  029c2b50b35c90fd7aed0041a7899f4584f908c1
- SHA256
  
  08d465423efc43b674308b6c4d50d7bd72e0a57e468287214243c3226ff7c162
- SHA512
  
  ae78816566681f8adf8a2621a11adacfe17be196c09d445fa96a8ece3c99f39f336c998ecf0ce592c7a17b3ce8173a1976a55ff249688a4eab240c32f001422d
- SSDEEP
  
  384:4F9Gdrx6bTZWMP+afeHs7swcpPaLm3aZLbUx:s00xWF8sB9D
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Hide Artifacts

Hidden Files and Directories

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2